Default Permissions Vulnerability in Harmony/Magelis iPC Series and Vijeo Designer

Default Permissions Vulnerability in Harmony/Magelis iPC Series and Vijeo Designer

CVE-2021-22817 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)

Learn more about our Web Application Penetration Testing UK.